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DETAILED ACTION 

1 . This Office Action is a response to the amendment dated 07/06/04. Previously 
prosecuted claims 32-89 and newly added claims 90-92 are pending in the application. 



Double Patenting 

The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. See In re Goodman, 1 1 
F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 
USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 
1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970);and, In re Thorington, 
418 F.2d 528, 163 USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321(c) may be 
used to overcome an actual or provisional rejection based on a nonstatutory double 
patenting ground provided the conflicting application or patent is shown to be commonly 
owned with this application. See 37 CFR 1 . 1 30(b). 

Effective January 1 , 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 

2. Claims 32-92 are rejected under the judicially created doctrine of obviousness-type 
double patenting as being unpatentable over claims 1-31 of U.S. Patent No. 6,377,577. 
Although the conflicting claims are not identical, they are not patentably distinct from 
each other because: 

Claims 73-89 of the instant application call for a system claim that mirrored the 
method claims 1-31 of the '577 patent. 

Claims 1-31 of the '577 patent teaches essentially the same steps/means as 
claims 32-92 of the current application. Even though claims 32-92 are broadened by 
omitting certain limitation, i.e. ("maintaining a set of access control patterns in at least 
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one associative memory" was omitted in claims 32-72), it has been held that the 
omission of an element and its function is an obvious expedient if the remaining 
elements perform the same function as before. In re Karlson, 136 USPQ 184(CCPA). 
Also note Ex parte Rainu, 168 USPQ 375 (Bd. App. 1969); omission of a reference 
element whose function is not needed would be an obvious variation. 

In addition, a comparison of claims 32-72 of the instant application and claims 1- 
31 of the '577 patent a skilled artisan would have recognized the difference is a mere 
wording. Such difference is deemed to be obvious. 

Furthermore, there is no apparent reason why applicant was prevented from 
presenting claims corresponding to those of the instant application during prosecution of 
the application which matured into a patent. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

3. Claims 32-43, 45-70 and 72 and 90-92 are rejected under 35 U.S.C. 102(b) as being 
anticipated by McAuley et al (Fast Routing Table Lookup Using CAMs, Bellcore, pages 
1-10, 1993) (hereinafter "McAuley") (note: McAuley reference is the technical document 
that mirror patent 5,386,413 applied in the previous Office Action). 
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Regarding claim 32, in accordance with McAuley reference entirety, McAuley 
discloses a method of processing a packet (Figure 3) comprising: 

matching one or more characteristics of said packet with one or more access 
control specifiers in at least one access control element (Figure 3; MASK CIRCUIT and 
page 6, right column, last paragraph to page 7, left column, first paragraph)] 

selecting a highest priority match (best match) (highest priority) based on a type 
of an access control specifier (packtAddress) of the highest priority match, which the 
type of the access control specifier of the highest priority match is related to an element 
of a packet header to which the access control specifier of the highest priority match is 
responsive {page 7, left column, second paragraph, McAuley discusses if there are 
multiple matches, the match prioritizer distinguishes which is the best match or highest 
priority discussed in page 9, left column, first paragraph)] and 

processing said packet based on said matching {page 7, left column, McAuley 
discloses the prioritizer only enables one buffer to drive its signal onto the output bus). 

Regarding claim 33, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said access control element is a 
content addressable memory (FIG. 3; CAM-1 or CAM-3). 

Regarding claim 34, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said matching and said 
processing is done in parallel (FIG. 3; CAM-1-CAM-3). 

Regarding claim 35, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
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comprises one or more of a source address, a destination address, a source port, a 
destination port, a protocol type, an input interface and an output interface {Fig. 3; Port 
B-C or page 1, left column, "routing table" discussed in the Introduction or page 2, left 
column, section 2.2). 

Regarding claim 36, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
comprises data carried by said packet in a packet header (inherent in the IP packet 
discussed in page 1, right column). 

Regarding claim 37, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses receiving said packet (FIG. 3; Input prong 
depicts 201-829-4484). 

Regarding claim 38, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses identifying one or more of said access 
control specifiers based on said matching (page 7, left column; indicating port B in the 
discussed example). 

Regarding claim 39, in addition to features recited in claim 37 (see rationales 
discussed above), McAuley further discloses prioritizing said one or more of said access 
control specifiers identified based on said matching to generate a set of prioritized 
access control specifiers (FIG. 3; match prioritizer; page 7, left column, McAuley 
discusses if there are multiple matches, the match prioritizer pickets the best match). 



Application/Control Number: 10/087,342 Page 6 

Art Unit: 2666 

Regarding claim 40, in addition to features recited in claim 39 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done in parallel 
by a priority encoder {FIG. 3; match prioritizer and col. 7, line 8 to col. 10, line 45). 

Regarding claim 41, in addition to features recited in claim 39 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done based on 
an address of said access control specifiers (packetAddress) in said access control 
element {FIG. 3; match prioritizer). 

Regarding claim 42, in addition to features recited in claim 39 (see rationales 
discussed above), McAuley further discloses wherein said processing is done based on 
said set of prioritized access control specifiers {FIG. 3; 150 and col. 7, line 8 to col. 10, 
line 45). 

Regarding claim 43, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses wherein said processing further 
comprising: if said packet requires processing by a higher-level processor, forwarding 
said packet to said higher-level processor {FIG. 3; PORTB). 

Regarding claim 45, in addition to features recited in claim 32 (see rationales 
discussed above), McAuley further discloses if said packet requires forwarding, 
forwarding said packet {FIG. 3; PORTB). 

Regarding claim 46, in accordance with McAuley reference entirety, McAuley 
discloses a system for processing a packet comprising: 

one or more access control specifiers, wherein said one or more access control 
specifiers are of one or more types of access control specifiers, said one or more types 
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of access control specifiers being related to one or more elements of a packet header to 
which said one or more access control specifiers is responsive {Fig. 3; Ports B-C or 
page 1, left column, "routing table" discussed in the Introduction or page 2, left column, 
section 2.2 or page 7, left column; packetAddress); 

an access control element, wherein said access control element is configured to 
store said one or more access control specifiers {FIG. 3; CAM-1, CAM-2 or CAM-3); 
and 

a priority encoder coupled to said access control element, wherein said priority 
encoder is configured to prioritize in parallel said one or more access control specifiers 
matched with one or more characteristics of said packet {FIG. 3; match prioritizer) and 
to select a highest priority match based on said one or more types of access control 
specifiers {page 7, left column, second paragraph, McAuley discusses if there are 
multiple matches, the match prioritizer distinguishes which is the best match or highest 
priority discussed in page 9, left column, first paragraph). 

Regarding claim 47, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses wherein said priority encoder is further 
configured to prioritize said one or more access control specifiers matched with said 
one or more characteristics of said packet according to an address of said one or more 
access control specifiers in said access control element {FIG. 3; match prioritizer and 
col. 7, line 8 to col. 10, line 45). 

Regarding claim 48, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses a compare unit coupled to said access 
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control list, wherein said compare unit is configured to compare said one or more 
characteristics of said packet with one or more values (FIG. 3; MASK CIRCUIT) 

Regarding claim 49, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said one or more values are 
predetermined (FIG. 3; LOAD for mask-3-mask-10) 

Regarding claim 50, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said one or more values are 
dynamically determined (FIG. 3; LOAD for mask-3-mask-1 0) 

Regarding claim 51, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said compare unit is further 
configured to perform arithmetic operation on data carried by said packet in a packet 
header (FIG. 3; MASK CIRCUIT) 

Regarding claim 52, in addition to features recited in claim 48 (see rationales 
discussed above), McAuley further discloses wherein said compare unit is further 
configured to perform logical operation on said data carried by said packet in said 
packet header (FIG. 3; MASK CIRCUIT) 

Regarding claim 53, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses wherein said access control element 
further comprising: an access control memory (FIG. 3; CAM-1, CAM-2 or CAM-3). 

Regarding claim 54, in addition to features recited in claim 53 (see rationales 
discussed above), McAuley further discloses wherein said access control memory is a 
content-addressable memory (FIG. 3; CAM-1, CAM-2 or CAM-3). 
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Regarding claim 55, in addition to features recited in claim 53 (see rationales 
discussed above), McAuley further discloses wherein said access control memory 
stores at least one of said access control specifier (FIG. 3; LOAD for mask-3-mask-1 0). 

Regarding claim 56, in addition to features recited in claim 53 (see rationales 
discussed above), McAuley further discloses wherein said access control specifier 
further comprising: 

a label match mask configured to determine whether a first corresponding bit of 
said one or more characteristics of said packet is tested (FIG. 3; LOAD for mask-3- 
mask-10); and 

a label match pattern, wherein said label match pattern is compared with a 
second corresponding bit of said one or more characteristics of said packet (FIG. 3; 
101). 

Regarding claim 57, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses a processor, coupled to said access 
control element, said processor is configured to process said packet when said packet 
is not processed by said access control element {not shown; inherent to have 
processing mechanism in a switch). 

Regarding claim 58, in addition to features recited in claim 46 (see rationales 
discussed above), McAuley further discloses at least one input port coupled to said 
access control element, wherein said input port is configured to receive said packet; and 
at least one output port coupled to said access control element, wherein said packet is 
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forwarded via said out put port {not shown; inherent as part of FIG. 3 in order to receive 
and route packet). 

Regarding claim 59, in accordance with McAuley reference entirety, McAuley 
discloses a system for processing a packet comprising: 

means for matching one or more characteristics of said packet with one or more 
access control specifiers in at least one access control element (CAM-1 or CAM-2 or 
CAM-3); and 

means for processing said packet based on said matching (match prioritizer). 

Regarding claim 60, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said access control element is a 
content addressable memory (CAM-1 or CAM-2 or CAM-3). 

Regarding claim 61, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said matching and said 
processing is done in parallel (CAM-1 or CAM-2 or CAM-3). 

Regarding claim 62, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
comprises one or more of a source address, a destination address, a source port, a 
destination port, a protocol type, an input interface and an output interface (Fig. 3; Ports 
B-C or page 1, left column, "routing table" discussed in the Introduction or page 2, left 
column, section 2.2 or page 7, left column; packet Address). 

Regarding claim 63, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said characteristics of said packet 
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comprises data carried by said packet in a packet header (inherent in the IP packet 
discussed in page 1, right column). 

Regarding claim 64, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses means for receiving said packet {not 
shown; inherent as part of FIG. 3 in order to receive and route packei). 

Regarding claim 65, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses means for identifying one or more of said 
access control specifiers based on said matching (FIG. 3; match prioritizer). 

Regarding claim 66, in addition to features recited in claim 64 (see rationales 
discussed above), McAuley further discloses means for prioritizing said one or more of 
said access control specifiers identified based on said matching to generate a set of 
prioritized access control specifiers (FIG. 3; match prioritizer). 

Regarding claim 67, in addition to features recited in claim 66 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done in parallel 
by a priority encoder (FIG. 3; 150). 

Regarding claim 68, in addition to features recited in claim 66 (see rationales 
discussed above), McAuley further discloses wherein said prioritizing is done based on 
an address of said access control specifiers in said access control element (FIG. 3; 
150). 

Regarding claim 69, in addition to features recited in claim 66 (see rationales 
discussed above), McAuley further discloses wherein said processing is done based on 
said set of prioritized access control specifiers (FIG. 3; match prioritizer). 
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Regarding claim 70, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses wherein said processing further 
comprising: means for forwarding said packet to said higher-level processor if said 
packet requires processing by a higher-level processor (not shown; inherent to have 
processing mechanism in a switch). 

Regarding claim 72, in addition to features recited in claim 59 (see rationales 
discussed above), McAuley further discloses means for forwarding said packet if said 
packet requires forwarding (FIG. 3; PORTS). 

Regarding claim 90, in accordance with McAuley reference entirety, McAuley 
discloses a method of processing a packet (Fig. 3 page 6, right column to page 7, left 
column; comprising: 

determining a selected output interface for the packet (Fig. 3; AND gates for 
enable/disable Ports S-C); 

matching one or more characteristics of said packet with one or more access 
control specifiers in at least one access control element, which said matching step is 
performed in parallel with said determining steps (Fig. 3; match prioritizer); and 

processing said packet based on said matching (Fig. 3; AND gates for 
enable/disable Ports "B-C). 

Regarding claim 91, in addition to features recited in base claim 32 (see 
rationales discussed above), McAuley further discloses wherein said one or more 
access control specifiers include a label match mask (Fig. 3; mask-3-mask-1 0) and a 
label match pattern (Fig. 3; matches Table). 



Application/Control Number: 10/087,342 Page 13 

Art Unit: 2666 

Regarding claim 92, in addition to features recited in base claim 46 (see 
rationales discussed above), McAuley further discloses wherein said one or more 
access control specifiers include a label match mask (Fig. 3; mask-3-mask-10) and a 
label match pattern (Fig. 3; matches Table). 

4. Claims 32-89 are rejected under 35 U.S.C. 102(a) as being anticipated by 
Alessandri (Access Control List Processing in Hardware, Diploma Thesis, pages 1-85, 
October 1997). 

Regarding claim 32, in accordance with Alessandri reference entirety, Alessandri 
discloses a method of processing a packet (Figure 4 or Figure 10) comprising: 

matching one or more characteristics (page 14, description pertaining Interface 
identifier or netflowlabel) of said packet with one or more access control specifiers in at 
least one access control element (page 13, section 3. 1 and description pertaining the 
comparison of CAM entries of the netflowlabel)] 

selecting a highest priority match based on a type of an access control specifier 
of the highest priority match, which the type of the access control specifier of the highest 
priority match is related to an element of a packet header to which the access control 
specifier of the highest priority match is responsive (priority encoder shown in Fig. 16 in 
page 19 and thereinafter)] and 

processing said packet based on said matching (page 13, section 3. 1 and 
description pertaining a match condition). 
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Regarding claim 33, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said access control element is a 
content addressable memory (Figure 10). 

Regarding claim 34, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said matching and said 
processing is done in parallel (page 6, section 2.2.1 and description pertaining filtering 
decision can be pipelined or page 14, first paragraph). 

Regarding claim 35, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said characteristics of said 
packet comprises one or more of a source address, a destination address, a source 
port, a destination port, a protocol type, an input interface and an output interface {page 
14, description pertaining Interface identifier or netflowlabel). 

Regarding claim 36, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said characteristics of said 
packet comprises data carried by said packet in a packet header (page 14, description 
pertaining Interface identifier and netflowlabel). 

Regarding claim 37, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses receiving said packet (page 10, section 
1.0 and description pertaining packet forwarding). 

Regarding claim 38, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses identifying one or more of said access 
control specifiers based on said matching (page 14, first paragraph; "first match'). 
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Regarding claim 39, in addition to features recited in claim 37 (see rationales 
discussed above), Alessandri further discloses prioritizing said one or more of said 
access control specifiers identified based on said matching to generate a set of 
prioritized access control specifiers {page 19, section 3.3.3, priority encoder). 

Regarding claim 40, in addition to features recited in claim 39 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done in 
parallel by a priority encoder (page 19, section 3.3.3, priority encoder). 

Regarding claim 41, in addition to features recited in claim 39 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done based 
on an address of said access control specifiers in said access control element. 

Regarding claim 42, in addition to features recited in claim 39 (see rationales 
discussed above), Alessandri further discloses wherein said processing is done based 
on said set of prioritized access control specifiers (page 19, section 3.3.3, priority 
encoder). 

Regarding claim 43, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses wherein said processing further 
comprising: if said packet requires processing by a higher-level processor, forwarding 
said packet to said higher-level processor (page 4, Figure 2; CPU). 

Regarding claim 44, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses if said packet requires dropping, 
dropping said packet (page 4, Figure 2; Drop Port or page 5, Figure 3). 
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Regarding claim 45, in addition to features recited in claim 32 (see rationales 
discussed above), Alessandri further discloses if said packet requires forwarding, 
forwarding said packet (page 4, Figure 2; Permit decision or page 5, Figure 3). 

Regarding claim 46, in accordance with Alessandri reference entirety, Alessandri 
discloses a system for processing a packet comprising: 

one or more access control specifiers, wherein said one or more access control 
specifiers are of one or more types of access control specifiers, said one or more types 
of access control specifiers being related to one or more elements of a packet header to 
which said one or more access control specifiers is responsive (semantics of ACLs 
discussed in page 14); 

an access control element, wherein said access control element is configured to 
store one or more access control specifiers {page 19, Figure 16, CAM entries)] and 

a priority encoder coupled to said access control element, wherein said priority 
encoder is configured to prioritize in parallel said one or more access control specifiers 
matched with one or more characteristics of said packet and to select a highest priority 
match based on said one or more types of access control specifiers (page 19, section 
3.3.3 and Figure 16). 

Regarding claim 47, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses wherein said priority encoder is further 
configured to prioritize said one or more access control specifiers matched with said 
one or more characteristics of said packet according to an address of said one or more 
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access control specifiers in said access control element (page 19, section 3.3.3 and 
Figure 16). 

Regarding claim 48, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses a compare unit coupled to said access 
control list, wherein said compare unit is configured to compare said one or more 
characteristics of said packet with one or more values {page 13, section 3. 1 and Figure 
10; AND-operafton). 

Regarding claim 49, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said one or more values are 
predetermined (page 13, section 3. 1 and Figure 10; netflowlabel or netflow mask). . 

Regarding claim 50, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said one or more values are 
dynamically determined (page 13, section 3.1 and Figure 10; netflowlabel or netflow 
mask). 

Regarding claim 51, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said compare unit is further 
configured to perform arithmetic operation on data carried by said packet in a packet 
header (page 13, section 3.1; AND-operation). 

Regarding claim 52, in addition to features recited in claim 48 (see rationales 
discussed above), Alessandri further discloses wherein said compare unit is further 
configured to perform logical operation on said data carried by said packet in said 
packet header (page 13, section 3. 1; AND-operation). 
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Regarding claim 53, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses wherein said access control element 
further comprising: an access control memory (page 6, Figure 4; CAM). 

Regarding claim 54, in addition to features recited in claim 53 (see rationales 
discussed above), Alessandri further discloses wherein said access control memory is a 
content-addressable memory (page 6, Figure 4; CAM). 

Regarding claim 55, in addition to features recited in claim 53 (see rationales 
discussed above), Alessandri further discloses wherein said access control memory 
stores at least one of said access control specifier (page 13, Figure 10; CAM entries). 

Regarding claim 56, in addition to features recited in claim 53 (see rationales 
discussed above), Alessandri further discloses wherein said access control specifier 
further comprising: 

a label match mask (netflowlabel mask) configured to determine whether a first 
corresponding bit of said one or more characteristics of said packet is tested (page 13, 
section 3.1)] and 

a label match pattern (netflowlabel pattern), wherein said label match pattern is 
compared with a second corresponding bit of said one or more characteristics of said 
packet (page 13, section 3.1). 

Regarding claim 57, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses a processor, coupled to said access 
control element, said processor is configured to process said packet when said packet 
is not processed by said access control element (page 5, Figure 3; CPU). 
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Regarding claim 58, in addition to features recited in claim 46 (see rationales 
discussed above), Alessandri further discloses at least one input port coupled to said 
access control element, wherein said input port is configured to receive said packet; and 
at least one output port coupled to said access control element, wherein said packet is 
forwarded via said output port {page 5, Figure 3 and thereinafter). 

Regarding claim 59, in accordance with Alessandri reference entirety, Alessandri 
discloses a system for processing a packet comprising: 

means for matching one or more characteristics of said packet with one or more 
access control specifiers in at least one access control element (page 5, Figure 3; ACL 
and thereinafter)] and 

means for processing said packet based on said matching {page 5, Figure 3; 
packet routing or forwarding). 

Regarding claim 60, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said access control element is a 
content addressable memory (page 13 t section 3.0 and thereinafter). 

Regarding claim 61, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said matching and said 
processing is done in parallel (page 6, section 2.2. 1; pipelined or page 14, section 3. 1; 
parallel). 

Regarding claim 62, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said characteristics of said 
packet comprises one or more of a source address, a destination address, a source 
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port, a destination port, a protocol type, an input interface and an output interface (page 
14 and Figure 1 1; Interface identifier). 

Regarding claim 63, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandh further discloses wherein said characteristics of said 
packet comprises data carried by said packet in a packet header (page 14; Figure 11). 

Regarding claim 64, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for receiving said packet (page 6, 
Figure 4; Input Interfaces). 

Regarding claim 65, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for identifying one or more of said 
access control specifiers based on said matching (page 13, Figure 10). 

Regarding claim 66, in addition to features recited in claim 64 (see rationales 
discussed above), Alessandri further discloses means for prioritizing said one or more 
of said access control specifiers identified based on said matching to generate a set of 
prioritized access control specifiers (page 19, section 3.3.3, Figure 16; priority encoder). 

Regarding claim 67, in addition to features recited in claim 66 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done in 
parallel by a priority encoder (page 19, section 3.3.3, Figure 16; priority encoder). 

Regarding claim 68, in addition to features recited in claim 66 (see rationales 
discussed above), Alessandri further discloses wherein said prioritizing is done based 
on an address of said access control specifiers in said access control element (page 19, 
section 3.3.3, Figure 16; priority encoder). 



Application/Control Number: 10/087,342 Page 21 

Art Unit: 2666 

Regarding claim 69, in addition to features recited in claim 66 (see rationales 
discussed above), Alessandri further discloses wherein said processing is done based 
on said set of prioritized access control specifiers {page 19, section 3.3.3, Figure 16; 
priority encoder). 

Regarding claim 70, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses wherein said processing further 
comprising: means for forwarding said packet to said higher-level processor if said 
packet requires processing by a higher-level processor (page 5, Figure 3; CPU). 

Regarding claim 71, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for dropping said packet if said 
packet requires dropping (page 5, Figure 3; Drop Port). 

Regarding claim 72, in addition to features recited in claim 59 (see rationales 
discussed above), Alessandri further discloses means for forwarding said packet if said 
packet requires forwarding (page 5, Figure 3; Output Port or Routing decision). 

Regarding claim 73, in accordance with Alessandri reference entirety, Alessandri 
discloses a system comprising: 

means for maintaining a set of access control patterns in at least one associative 
memory (page 5, Figure 3; ACL)\ 

means for receiving a packet label responsive to a packet, said packet label 
being sufficient to perform access control processing for said packet (page 4, Figure 2, 
input interface or page 5, Figure 3, input port) ] 
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means for matching matchable information, said matchable information being 
responsible to said packet label, with said set of access control patterns in parallel 
(page 5, Figure 3; ACL processing device or page 13, Figure 10)] 

means for generating a set of matches in response thereto, each said match 
having priority information associated therewith {page 5, Figure 3; permit/deny decision 
or page 13, Figure 10)] 

means for selecting at least one of said matches in response to said priority 
information, and generating an access result in response to said at least one selected 
match {page 5, Figure 3; first demux)] and 

means for making a routing decision in response to said access result {page 5, 
Figure 3; routing decision or overwrite routing decision). 

Regarding claim 74, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandh further discloses means for choosing a first one of said 
matches {page 19, Figure 16; priority encoder). 

Regarding claim 75, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandh further discloses means for determining an output 
interface for said packet {page 5, Figure 3; output interface or page 13 or 19, Figure 16 
or Figure 19; CAM output). 

Regarding claim 76, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for implementing a quality of 
service policy {page 14, Figure 13). 
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Regarding claim 77, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for permitting or denying access 
for said packet (page 14, Figure 12; PermDrop). 

Regarding claim 78, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for making a preliminary routing 
decision for said packet (page 14, Figure 12; CPU). 

Regarding claim 79, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for determining at least one 
output interface for said packet (page 5, Figure 3; output interface or page 13 or 19, 
Figure 16 or Figure 19; CAM output). 

Regarding claim 80, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for preprocessing said packet 
label (page 13, Figure 10; input of CAM or page 19, Figure 16; input preprocessing); 
and means for generating said matchable information (page 13, Figure 10; CAM 
output). 

Regarding claim 81, in addition to features recited in claim 79 (see rationales 
discussed above), Alessandri further discloses means for performing one or more of an 
arithmetic, logical, and comparison operation on said packet label (page 13, Figure 10; 
AND-operation); and 

means for generating a bit string for said matchable information in response to 
said arithmetic, logical, and comparison operation (page 13, Figure 10; CAM entries). 
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Regarding claim 82, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for comparing a field of said 
packet label with an arithmetic range or mask value (page 13, Figure 10; AND-operation 
between netflowlabel pattern and netflowlabel mask). 

Regarding claim 83, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for comparing a source IP port 
value or a destination IP port value with a selected port value (page 13, Figure 10). 

Regarding claim 84, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for postprocessing said' selected 
match to generate said access result (page 19, Figure 16; priority encoder). 

Regarding claim 85, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for accessing a memory in 
response to a bitstring included in said selected match (page 5, Figure 3; ACL 
processing device or page 19, Figure 16; output memory). 

Regarding claim 86, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for declaring whether to permit or 
deny access of a set of packets (page 5, Figure 3, permit/deny decision). 

Regarding claim 87, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for receiving a sequence of 
access control specifiers (page 5, Figure 3; ACL processing device); 

means for translating said sequence of access control specifiers into said 
sequence of access control patterns (page 5, Figure 3; ACL processing device); and 
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means for storing said sequence of access control patterns in said associative 
memory (page 5, Figure 3; ACL processing device). 

Regarding claim 88, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for generating a single one of 
said access control patterns in response to a plurality of said access control specifiers 
(page 5, Figure 3; ACL processing device or page 13, Figure 10; CAM). 

Regarding claim 89, in addition to features recited in claim 73 (see rationales 
discussed above), Alessandri further discloses means for generating a single one of 
said access control patterns in response to a plurality of said access control specifiers 
page 5, Figure 3; ACL processing device or page 13, Figure 10; CAM). 

Regarding claim 90, in accordance with Alessandri reference entirety, Alessandri 
discloses a method of processing a packet (Fig. 3 page 6, right column to page 7, left 
column; comprising: 

determining a selected output interface for the packet (Fig. 16; Input 
Preprocessing and CAM entries); 

matching one or more characteristics of said packet with one or'more access 
control specifiers in at least one access control element, which said matching step is 
performed in parallel with said determining steps (Fig. 16; priority encoder); and 

processing said packet based on said matching (Fig. 16; output memory). 

Regarding claim 91, in addition to features recited in base claim 32 (see 
rationales discussed above), Alessandri further discloses wherein said one or more 
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access control specifiers include a label match mask (Fig. 10; mask mn) and a label 
match pattern (Fig. 10; mask pn). 

Regarding claim 92, in addition to features recited in base claim 46 (see 
rationales discussed above), Alessandri further discloses wherein said one or more 
access control specifiers include a label match mask (Fig. 10; mask mn) and a label 
match pattern (Fig. 10; mask pn). 

Response to Arguments 

5. Applicant's arguments filed 07/06/2004 have been fully considered but they are not 
persuasive. 

In the Remarks of the outstanding response, pertaining double patenting 
rejection, on page 1 1 , Applicants merely states a terminal disclaimer pursuant to 37 
C.F.R.§ 1 .321(c) to overcome the obvious-type double patenting rejection. However, 
there is no record of such terminal filed. 

Pertaining the rejection of claims 32-43, 45-70, 72 under 35 U.S.C..§ 102(b) as 
being anticipated by McAuley et al, Applicants argue based on the newly added 
limitation that the cited reference does not teach "selecting a highest priority match 
based on a type of an access control specifier of the highest priority match, wherein the 
type of the access control specifier of the highest priority match is based on an element 
of a packet header to which the access control specifier of the highest priority match is 
responsive". 
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In response Examiner respectfully disagrees and provides a new ground of 
rejection formulated based on McAuley technical reference entitled Fast Routing Table 
Lookup using CAMS, mirrored the disputed patent to better point out the claimed 
limitation the Applicants asserted and claimed to be novel. Please refer to the well 
formulated rejection discussed above. 

Pertaining to claims 32-89 under 35 U.S.C..§ 102(a) as being anticipated by 
Alessandri, Applicants stated "Accompanying this response is a copy of a previously 
submitted declaration of prior invention in the United States pursuant to 37 C.F.R.§ 
1. 131 to overcome the cited reference". Applicants ought to file a separate 37 C.F.R.§ 
1. 131 from the parent case in order to overcome the applied art, not the parent 
application's declaration. 

Examiner believes an earnest attempt has been made in addressing all of the 
Applicants' arguments. 

Conclusion 

6. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Frank Duong whose telephone number is (571 ) 272- 
3164. The examiner can normally be reached on 7:00AM-3:30PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Seema Rao can be reached on (571 ) 272-3174. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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